Dedicated to providing the latest
HIPAA compliance news

1,900 MidMichigan Medical Center Patients Notified After Documents Found in the Street

Share this article on:

MidMichigan Medical Center (MMC) in Alpena has alerted patients to a potential breach of their health information, which may have literally fallen into the hands of individuals unauthorized to view the information.

On the evening of November 18, a MMC cardiologist removed patient files from the Alpena cardiology office without authorization. The files were transported to the cardiologist’s vehicle in a storage container, but the container had not been properly secured.

Close to a parking lot near 12th Avenue/Chisholm Street, the container was dropped, spilling the contents on the ground. The documents were caught by the wind and started blowing round the street.

Some of the documents were picked up by members of the public, who informed the hospital that documents containing sensitive patient information was blowing around the street. The hospital contacted law enforcement to provide assistance collecting the paperwork.

Dr. Richard Bates, vice president of medical affairs at MMC issued a statement saying all of the paperwork is believed to have been retrieved, so the risk to patients is thought to be low. However, since it cannot be confirmed that every document has been recovered, patients have been notified of the potential breach of their PHI.

The reasons why the cardiologist, Dr. Christopher Walls, removed the records from the office is not known. However, removing documents containing patient information is a violation of hospital policies, and as a result of that violation, Dr. Walls is no longer employed at MMC.

Approximately 1,900 patients have been notified of the potential breach, which may have included names along with addresses, Social Security numbers, and clinical data. As a precautionary measure, affected patients have been offered complimentary identity theft protection services.

“We take matters related to the security of our patients’ personal information very seriously because it is our responsibility to protect their privacy. We have rigorous processes and procedures in place to detect breaches and to protect patients’ rights,” said Bates.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On